actions/ansible-lint-fix/action.yml
Ismo Vuorinen 44a11e9773 chore: update actions, cleanup pr-lint and pre-commit (#389)
* chore: update actions, cleanup pr-lint

* chore: cleanup pre-commit config, formatting

* chore: revert sigstore/cosign-installer downgrade

* chore: formatting
2025-12-07 02:24:33 +02:00


# yaml-language-server: $schema=https://json.schemastore.org/github-action.json
# permissions:
# - contents: write # Required for committing and pushing fixes
# - security-events: write # Required for uploading SARIF results
---
# Action metadata.
name: Ansible Lint and Fix
description: 'Lints and fixes Ansible playbooks, commits changes, and uploads SARIF report.'
author: 'Ismo Vuorinen'
# Icon and colour for the action's branding.
branding:
  icon: 'play'
  color: 'green'
# All inputs are optional. Each one is forwarded to the validate-inputs step,
# and none is expanded inside a `run:` script in this file.
inputs:
  # Passed to the checkout step, which falls back to github.token when this
  # is empty. Pushing fixes needs a token with `contents: write`.
  token:
    description: 'GitHub token for authentication'
    required: false
    default: ''
  # Commit author name used by the commit step.
  username:
    description: 'GitHub username for commits'
    required: false
    default: 'github-actions'
  # Commit author e-mail used by the commit step.
  email:
    description: 'GitHub email for commits'
    required: false
    default: 'github-actions@github.com'
  # Quoted so the value stays a string; it becomes the retry step's
  # `max_attempts`.
  max-retries:
    description: 'Maximum number of retry attempts for pip install operations'
    required: false
    default: '3'
# `files_changed` and `lint_status` come from the `lint` step and are empty
# whenever that step is skipped (no YAML files found, or an earlier failure).
outputs:
  files_changed:
    description: 'Number of files changed by linting'
    value: ${{ steps.lint.outputs.files_changed }}
  lint_status:
    description: 'Linting status (success/failure)'
    value: ${{ steps.lint.outputs.status }}
  # Constant, workspace-relative path. The file is only written when the lint
  # step runs, so consumers should check that it exists before reading it.
  sarif_path:
    description: 'Path to SARIF report file'
    value: 'ansible-lint.sarif'
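# Composite pipeline: validate inputs, check out, detect YAML files, install
# ansible-lint, lint with --write, commit the fixes, upload the SARIF report.
#
# Changes from the previous revision:
#   * Checkout now runs before the file check. The check used to scan the
#     workspace before this action's checkout, so it reported
#     files_found=false unless the caller had already checked out.
#   * The SARIF upload now also runs when the lint step fails. A step `if:`
#     without a status function gets an implicit success(), so the report was
#     skipped whenever the lint step exited non-zero.
runs:
  using: composite
  steps:
    # Inputs reach other steps only through `with:` and are never
    # interpolated into a `run:` script, so there is no shell-injection path
    # for them in this file.
    # NOTE(review): what validate-inputs enforces is not visible here.
    - name: Validate Inputs
      id: validate
      uses: ivuorinen/actions/validate-inputs@5cc7373a22402ee8985376bc713f00e09b5b2edb
      with:
        action-type: 'ansible-lint-fix'
        token: ${{ inputs.token }}
        email: ${{ inputs.email }}
        username: ${{ inputs.username }}
        max-retries: ${{ inputs.max-retries }}

    # Must precede the file check so `find` scans the repository contents.
    # actions/checkout persists the token for later git commands by default;
    # the commit step relies on that to push. The pip-installed tooling
    # below therefore runs in a job that holds write credentials, so keep the
    # token's permissions minimal (contents: write, security-events: write).
    # The pinned commit is labelled as a pre-release (v6-beta).
    - name: Checkout Repository
      uses: actions/checkout@71cf2267d89c5cb81562390fa70a37fa40b1305e # v6-beta
      with:
        token: ${{ inputs.token || github.token }}

    # Heuristic: any .yml/.yaml file counts as an "Ansible file", including
    # workflow files. Sets files_found, which gates the remaining steps.
    - name: Check for Ansible Files
      id: check-files
      shell: sh
      run: |
        set -eu
        # Check for both .yml and .yaml files
        if find . \( -name "*.yml" -o -name "*.yaml" \) -type f | grep -q .; then
          echo "files_found=true" >> "$GITHUB_OUTPUT"
          echo "Found Ansible files, proceeding with lint and fix."
        else
          echo "files_found=false" >> "$GITHUB_OUTPUT"
          echo "No Ansible files found. Skipping lint and fix."
        fi

    - name: Setup Python
      if: steps.check-files.outputs.files_found == 'true'
      uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
      with:
        # Quoted so the version is not parsed as a float.
        python-version: '3.14'
        cache: 'pip'

    # Only the top-level package is pinned. Its dependencies are resolved at
    # install time, so the installed set can change between runs. A
    # hash-pinned requirements file (pip's --require-hashes) would make the
    # install reproducible and tamper-evident.
    - name: Install ansible-lint
      id: install-ansible-lint
      if: steps.check-files.outputs.files_found == 'true'
      uses: step-security/retry@e1d59ce1f574b32f0915e3a8df055cfe9f99be5d # v3.0.4
      with:
        timeout_minutes: 5
        max_attempts: ${{ inputs.max-retries }}
        command: 'pip install ansible-lint==6.22.1'

    # Runs ansible-lint with --write (files are modified in place) and writes
    # the SARIF report to the workspace. The outputs are recorded before the
    # step exits with ansible-lint's own exit code, so they stay available
    # when the step fails.
    - name: Run ansible-lint
      if: steps.check-files.outputs.files_found == 'true'
      id: lint
      shell: sh
      run: |
        set -eu
        # Run ansible-lint and capture exit code
        if ansible-lint --write --parseable-severity --format sarif > ansible-lint.sarif; then
          lint_exit_code=0
        else
          lint_exit_code=$?
        fi
        # Count files changed by linting
        files_changed=$(git diff --name-only | wc -l | tr -d '[:space:]')
        # Determine lint status
        if [ "$lint_exit_code" -eq 0 ]; then
          lint_status="success"
        else
          lint_status="failure"
        fi
        # Write outputs to GITHUB_OUTPUT
        printf 'files_changed=%s\n' "$files_changed" >> "$GITHUB_OUTPUT"
        printf 'status=%s\n' "$lint_status" >> "$GITHUB_OUTPUT"
        # Exit with the original ansible-lint exit code
        exit "$lint_exit_code"

    # Runs only when every earlier step succeeded (implicit success()), so
    # partial fixes from a failing lint run are not committed or pushed.
    # NOTE(review): confirm that skipping the commit on lint failure is intended.
    - name: Commit Fixes
      if: steps.check-files.outputs.files_found == 'true'
      uses: stefanzweifel/git-auto-commit-action@28e16e81777b558cc906c8750092100bbb34c5e3 # v7.0.0
      with:
        commit_message: 'style: apply ansible lint fixes'
        commit_user_name: ${{ inputs.username }}
        commit_user_email: ${{ inputs.email }}

    # !cancelled() lets the report reach code scanning when the lint step
    # fails, which is exactly when there are findings to report.
    - name: Upload SARIF Report
      if: ${{ !cancelled() && steps.check-files.outputs.files_found == 'true' }}
      uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
      with:
        sarif_file: ansible-lint.sarif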